How to remove xmrig.exe

xmrig.exe

The module xmrig.exe has been detected as Risk.CoinMiner

xmrig.exe
Remove xmrig.exe

File Details

Product Name:

XMRig
Company Name:

www.xmrig.com
MD5: 6b33c34623f3051a996f38e536d158af
Size: 882 KB
First Published: 2018-04-25 19:12:14 (7 years ago)
Latest Published: 2022-02-19 23:15:40 (3 years ago)
Status: Risk.CoinMiner (on last analysis)
Analysis Date: 2022-02-19 23:15:40 (3 years ago)

Common Places:

%commonappdata%
%windir%
%sysdrive%
%sysdrive%\appserv\www
%temp%
%sysdrive%\$recycle.bin\s-1-5-21-3023200524-2856637149-2266792237-1004
%profile%\videos\xmrig-2.5.3-gcc-win64
%desktop%\monero pasta
%desktop%
%windir%\vss\writers

File Names:

Mining.exe
xmrig.exe
yam1.exe
sysConfig.bat
websock.exe
system6.exe
start.exe
xm.exe
system10.exe
te.exe
yam2.exe
services.exe
SteamClient.exe
te.exe.quarantined
crss.exe
svchost.exe
$RN741LI.exe
$RG9UE0A.exe
$R82762E.exe
$RRQ2P4J.exe
$R3UDINU.exe
me (2).exe
Crs.exe
$RNIZQ86.exe
$RW3BRZP.exe
$RW08KGJ.exe
$R6JOX17.exe
$RPPL9HZ.exe
$R76W4NN.exe
$R1RIBWA.exe
$R7FNVLF.exe
$RN0AGHB.exe
$R3B0V6Z.exe
$RD19HBU.exe
$R74CDZ5.exe
$R1QTJP2.exe
$RHI6KG0.exe
$RFXGYSW.exe
$ROX3U42.exe
$R6XGRHF.exe
$RQWWZNL.exe
$RQIVFHT.exe
$ROIP4E1.exe
$RQXVDFU.exe
$RL37JB9.exe
$RN6VYIO.exe
$RBJ7MB9.exe
$RHVMXXL.exe
$RYCRZGW.exe
$RUWEHXM.exe
$RWGKY09.exe
$RWKPBQQ.exe
$RWWX188.exe
$RXGFUJ4.exe
$RYGJMND.exe
$RX2Z4KG.exe
xmrigg.exe

Geography:

43.9%
13.6%
7.9%
6.5%
4.6%
3.5%
2.4%
2.2%
2.2%
1.6%
1.6%
1.4%
1.4%
0.8%
0.8%
0.8%
0.5%
0.5%
0.5%
0.5%
0.5%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%

OS Version:

Windows Server 2008 R2 48.4%
Windows 10 19.9%
Windows Server 2012 R2 14.6%
Windows 7 13.6%
Windows Server 2012 1.9%
Windows 8.1 1.3%
Windows Server 2016 0.3%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000000400000
Entry Address: 0x000014e0

PE Sections:

Name Size of data MD5
.text 732160 5ac15574328b68571cb98d8e33b96bd8
.data 1536 c43a340ec5aca65db1d02a61a34b3f6a
.rdata 82432 73be56d1dfbe193de6d326d3fe47ef99
.pdata 23552 70ea5aab23204cb5f5aa8fd6771cc7a2
.xdata 22016 f6d4825267e966988214bf1fdb3f25fb
.bss 0 00000000000000000000000000000000
.edata 1536 905f1fc2d68a3941caf589ffb9a9d369
.idata 12288 c8158db09e2491fa4db493da14ef9fe6
.CRT 512 205a07a8ea4656e16516d951fe476cdb
.tls 512 bf619eac0cdf3f68d496ea9344137e8b
.rsrc 23808 7db6fd252ca5c7c3e91288ed9d738493
.reloc 2048 eecf74a5bf222533d481054850e06ded

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for xmrig.exe
copyright for information about xmrig.exe